open-dsi
/
postgres
mirror of https://github.com/postgres/postgres
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity

xml2: Add tests for functions xpath_nodeset() and xpath_list()

Browse Source 
These two functions with their different argument lists have never been
tested in this module, so let's add something.

Author: Ronan Dunklau
Discussion: https://postgr.es/m/ZzMSJkiNZhimjXWx@paquier.xyz
pull/184/head
Michael Paquier 8 months ago
parent 3ef038fc4f
commit 93f9b4a93f
3 changed files with 94 additions and 0 deletions
Show all changes Ignore whitespace when comparing lines Ignore changes in amount of whitespace Ignore changes in whitespace at EOL
Show Stats Download Patch File Download Diff File
  1. 39
      contrib/xml2/expected/xml2.out
  2. 39
      contrib/xml2/expected/xml2_1.out
  3. 16
      contrib/xml2/sql/xml2.sql

39
contrib/xml2/expected/xml2.out
Unescape View File

@ -207,6 +207,45 @@ SELECT xslt_process('<employee><name>cim</name><age>30</age><pay>400</pay></empl
(1 row)
-- xpath_nodeset()
SELECT xpath_nodeset(article_xml::text, '/article/author|/article/pages')
FROM articles;
xpath_nodeset
----------------------------------------
<author>test</author><pages>37</pages>
(1 row)
SELECT xpath_nodeset(article_xml::text, '/article/author|/article/pages',
'item_without_toptag')
FROM articles;
xpath_nodeset
------------------------------------------------------------------------------------------------------------------------------
<item_without_toptag><author>test</author></item_without_toptag><item_without_toptag><pages>37</pages></item_without_toptag>
(1 row)
SELECT xpath_nodeset(article_xml::text, '/article/author|/article/pages',
'result', 'item')
FROM articles;
xpath_nodeset
-----------------------------------------------------------------------------------
<result><item><author>test</author></item><item><pages>37</pages></item></result>
(1 row)
-- xpath_list()
SELECT xpath_list(article_xml::text, '/article/author|/article/pages')
FROM articles;
xpath_list
------------
test,37
(1 row)
SELECT xpath_list(article_xml::text, '/article/author|/article/pages', '|')
FROM articles;
xpath_list
------------
test|37
(1 row)
-- possible security exploit
SELECT xslt_process('<xml><foo>Hello from XML</foo></xml>',
$$<xsl:stylesheet version="1.0"

39
contrib/xml2/expected/xml2_1.out
Unescape View File

@ -151,6 +151,45 @@ SELECT xslt_process('<employee><name>cim</name><age>30</age><pay>400</pay></empl
</xsl:template>
</xsl:stylesheet>$$::text, 'n1="v1",n2="v2",n3="v3",n4="v4",n5="v5",n6="v6",n7="v7",n8="v8",n9="v9",n10="v10",n11="v11",n12="v12"'::text);
ERROR: xslt_process() is not available without libxslt
-- xpath_nodeset()
SELECT xpath_nodeset(article_xml::text, '/article/author|/article/pages')
FROM articles;
xpath_nodeset
----------------------------------------
<author>test</author><pages>37</pages>
(1 row)
SELECT xpath_nodeset(article_xml::text, '/article/author|/article/pages',
'item_without_toptag')
FROM articles;
xpath_nodeset
------------------------------------------------------------------------------------------------------------------------------
<item_without_toptag><author>test</author></item_without_toptag><item_without_toptag><pages>37</pages></item_without_toptag>
(1 row)
SELECT xpath_nodeset(article_xml::text, '/article/author|/article/pages',
'result', 'item')
FROM articles;
xpath_nodeset
-----------------------------------------------------------------------------------
<result><item><author>test</author></item><item><pages>37</pages></item></result>
(1 row)
-- xpath_list()
SELECT xpath_list(article_xml::text, '/article/author|/article/pages')
FROM articles;
xpath_list
------------
test,37
(1 row)
SELECT xpath_list(article_xml::text, '/article/author|/article/pages', '|')
FROM articles;
xpath_list
------------
test|37
(1 row)
-- possible security exploit
SELECT xslt_process('<xml><foo>Hello from XML</foo></xml>',
$$<xsl:stylesheet version="1.0"

16
contrib/xml2/sql/xml2.sql
Unescape View File

@ -123,6 +123,22 @@ SELECT xslt_process('<employee><name>cim</name><age>30</age><pay>400</pay></empl
</xsl:template>
</xsl:stylesheet>$$::text, 'n1="v1",n2="v2",n3="v3",n4="v4",n5="v5",n6="v6",n7="v7",n8="v8",n9="v9",n10="v10",n11="v11",n12="v12"'::text);
-- xpath_nodeset()
SELECT xpath_nodeset(article_xml::text, '/article/author|/article/pages')
FROM articles;
SELECT xpath_nodeset(article_xml::text, '/article/author|/article/pages',
'item_without_toptag')
FROM articles;
SELECT xpath_nodeset(article_xml::text, '/article/author|/article/pages',
'result', 'item')
FROM articles;
-- xpath_list()
SELECT xpath_list(article_xml::text, '/article/author|/article/pages')
FROM articles;
SELECT xpath_list(article_xml::text, '/article/author|/article/pages', '|')
FROM articles;
-- possible security exploit
SELECT xslt_process('<xml><foo>Hello from XML</foo></xml>',
$$<xsl:stylesheet version="1.0"

Write Preview
Loading…
Cancel
Save